Route Origin Authorization
$ rpki-client -vvf rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa
File: AS39521.roa (raw, json)
Hash identifier: 1SMh72ETn8ld/RRa96HyeYTr/SUoxQZzSlAw87gIZ/s=
Subject key identifier: C0:A5:E1:A3:85:9E:72:67:33:27:C2:C7:93:64:83:DF:0C:40:5A:D3
Certificate issuer: /CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Certificate serial: 3278F0C9753908C639E34B470CB9CA781D0D9A53
Authority key identifier: 21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject info access: rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa
Signing time: Tue 04 Feb 2025 09:56:18 +0000
ROA not before: Tue 04 Feb 2025 09:51:18 +0000
ROA not after: Tue 03 Feb 2026 09:56:18 +0000
asID: 39521
IP address blocks: 82.21.43.0/24 maxlen: 24
82.21.50.0/24 maxlen: 24
82.21.53.0/24 maxlen: 24
82.21.58.0/24 maxlen: 24
82.21.72.0/24 maxlen: 24
82.21.84.0/24 maxlen: 24
82.21.112.0/24 maxlen: 24
82.21.116.0/24 maxlen: 24
82.21.126.0/24 maxlen: 24
82.21.165.0/24 maxlen: 24
82.22.143.0/24 maxlen: 24
82.22.145.0/24 maxlen: 24
82.22.146.0/24 maxlen: 24
82.22.157.0/24 maxlen: 24
82.22.160.0/24 maxlen: 24
82.22.162.0/24 maxlen: 24
82.22.167.0/24 maxlen: 24
82.22.186.0/24 maxlen: 24
82.22.193.0/24 maxlen: 24
82.22.195.0/24 maxlen: 24
82.23.170.0/24 maxlen: 24
82.23.171.0/24 maxlen: 24
82.23.172.0/24 maxlen: 24
82.23.173.0/24 maxlen: 24
82.23.188.0/24 maxlen: 24
82.23.191.0/24 maxlen: 24
82.24.79.0/24 maxlen: 24
82.24.88.0/24 maxlen: 24
82.24.91.0/24 maxlen: 24
82.24.100.0/24 maxlen: 24
82.24.146.0/24 maxlen: 24
82.24.174.0/24 maxlen: 24
82.24.181.0/24 maxlen: 24
82.24.191.0/24 maxlen: 24
82.24.195.0/24 maxlen: 24
82.24.201.0/24 maxlen: 24
82.25.145.0/24 maxlen: 24
82.25.175.0/24 maxlen: 24
82.25.190.0/24 maxlen: 24
82.25.205.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:78:f0:c9:75:39:08:c6:39:e3:4b:47:0c:b9:ca:78:1d:0d:9a:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=218cc6e24105de6c5c9003d65243893cb3cfdd01
Validity
Not Before: Feb 4 09:51:18 2025 GMT
Not After : Feb 3 09:56:18 2026 GMT
Subject: CN=C0A5E1A3859E72673327C2C7936483DF0C405AD3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:81:cc:44:47:2a:68:fe:69:6e:5f:67:54:dd:
21:ba:09:2d:17:c7:ba:84:36:ca:a5:6a:61:61:a9:
21:9d:b9:9b:06:e9:6b:09:60:f0:e6:4f:0a:f6:40:
83:b9:42:8f:cf:46:71:c0:a0:50:d0:22:c5:35:82:
c2:35:96:b6:d6:81:f6:a9:50:52:2e:16:c0:2e:ed:
01:6c:58:b0:9c:81:a1:e0:c3:85:2e:80:f8:52:c0:
c8:a1:5a:85:32:08:60:af:85:17:e6:79:28:04:66:
bc:b4:a2:01:8c:fd:7c:29:6f:a5:33:d4:a8:68:0f:
20:74:72:95:ee:77:a4:24:52:86:8d:36:60:fc:59:
65:f0:e4:3e:9b:2c:9f:5d:12:ec:ae:fe:24:b9:c3:
3e:3e:5a:23:40:3e:6a:11:d8:1c:b3:e1:1b:88:b6:
e2:a0:e2:a0:41:9d:5d:96:39:f7:c4:b1:60:22:b8:
f8:95:25:f2:28:cf:d5:07:67:dd:8a:96:2e:45:6b:
99:a3:c7:f8:1a:a1:92:29:85:44:9a:22:a8:00:80:
7b:52:0f:12:a0:c9:4b:8f:ca:27:9b:04:50:3a:05:
ff:f0:23:e2:e9:1d:8d:35:3c:54:fb:42:1a:8e:58:
93:66:d0:9f:23:28:59:7c:05:40:16:cc:e8:73:6a:
d4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A5:E1:A3:85:9E:72:67:33:27:C2:C7:93:64:83:DF:0C:40:5A:D3
X509v3 Authority Key Identifier:
keyid:21:8C:C6:E2:41:05:DE:6C:5C:90:03:D6:52:43:89:3C:B3:CF:DD:01
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/218CC6E24105DE6C5C9003D65243893CB3CFDD01.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IYzG4kEF3mxckAPWUkOJPLPP3QE.cer
Subject Information Access:
Signed Object - URI:rsync://rsync.paas.rpki.ripe.net/repository/718a1b4f-b64c-402c-be15-dd82a41a1af6/0/AS39521.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.21.43.0/24
82.21.50.0/24
82.21.53.0/24
82.21.58.0/24
82.21.72.0/24
82.21.84.0/24
82.21.112.0/24
82.21.116.0/24
82.21.126.0/24
82.21.165.0/24
82.22.143.0/24
82.22.145.0-82.22.146.255
82.22.157.0/24
82.22.160.0/24
82.22.162.0/24
82.22.167.0/24
82.22.186.0/24
82.22.193.0/24
82.22.195.0/24
82.23.170.0-82.23.173.255
82.23.188.0/24
82.23.191.0/24
82.24.79.0/24
82.24.88.0/24
82.24.91.0/24
82.24.100.0/24
82.24.146.0/24
82.24.174.0/24
82.24.181.0/24
82.24.191.0/24
82.24.195.0/24
82.24.201.0/24
82.25.145.0/24
82.25.175.0/24
82.25.190.0/24
82.25.205.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:7a:4a:f1:db:3c:72:17:91:78:9c:bd:d0:42:c6:da:16:6d:
f8:66:f4:dd:fc:bb:f9:0c:ba:bc:c8:26:a9:da:e6:49:22:71:
18:27:c2:82:01:ad:9f:d1:3e:2b:cf:55:c5:f5:39:65:26:69:
f5:f6:15:9d:f2:62:fb:ab:2b:b9:6a:0c:eb:42:1e:2a:a8:6f:
02:d6:18:fb:b1:7c:e4:e8:7a:dc:45:6a:5f:15:d7:69:b4:e1:
b3:86:80:d0:81:95:55:ba:28:b0:2b:de:1c:ec:37:07:6f:cd:
2d:75:f6:6a:f3:7c:5f:cb:7d:5b:49:60:0f:ab:f2:7d:8c:bf:
f1:bd:c2:82:ed:7c:66:6e:c5:b6:9e:09:1c:70:c5:ed:d9:ad:
2f:5d:45:5e:e3:15:56:46:6a:8d:76:70:23:49:30:8d:67:78:
01:a7:94:01:f9:f7:fc:e5:30:9e:85:e8:49:f4:e2:ec:c1:b2:
e0:8e:70:d0:2d:d0:b3:11:85:17:05:ae:2e:28:bf:aa:b1:8a:
f4:0f:fc:72:ce:95:37:5a:47:d0:f8:8a:32:6b:35:e0:b8:38:
61:78:85:45:c5:f4:bf:19:57:76:dd:21:35:82:eb:40:f6:cd:
9f:c0:12:87:0c:a8:77:cd:6b:ca:a4:0e:1e:56:9b:11:ae:62:
57:b1:11:ee
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgIUMnjwyXU5CMY540tHDLnKeB0NmlMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoMjE4Y2M2ZTI0MTA1ZGU2YzVjOTAwM2Q2NTI0Mzg5M2Ni
M2NmZGQwMTAeFw0yNTAyMDQwOTUxMThaFw0yNjAyMDMwOTU2MThaMDMxMTAvBgNV
BAMTKEMwQTVFMUEzODU5RTcyNjczMzI3QzJDNzkzNjQ4M0RGMEM0MDVBRDMwggEi
MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDogcxERypo/mluX2dU3SG6CS0X
x7qENsqlamFhqSGduZsG6WsJYPDmTwr2QIO5Qo/PRnHAoFDQIsU1gsI1lrbWgfap
UFIuFsAu7QFsWLCcgaHgw4UugPhSwMihWoUyCGCvhRfmeSgEZry0ogGM/Xwpb6Uz
1KhoDyB0cpXud6QkUoaNNmD8WWXw5D6bLJ9dEuyu/iS5wz4+WiNAPmoR2Byz4RuI
tuKg4qBBnV2WOffEsWAiuPiVJfIoz9UHZ92Kli5Fa5mjx/gaoZIphUSaIqgAgHtS
DxKgyUuPyiebBFA6Bf/wI+LpHY01PFT7QhqOWJNm0J8jKFl8BUAWzOhzatT/AgMB
AAGjggLxMIIC7TAdBgNVHQ4EFgQUwKXho4WecmczJ8LHk2SD3wxAWtMwHwYDVR0j
BBgwFoAUIYzG4kEF3mxckAPWUkOJPLPP3QEwDgYDVR0PAQH/BAQDAgeAMIGVBgNV
HR8EgY0wgYowgYeggYSggYGGf3JzeW5jOi8vcnN5bmMucGFhcy5ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvNzE4YTFiNGYtYjY0Yy00MDJjLWJlMTUtZGQ4MmE0MWEx
YWY2LzAvMjE4Q0M2RTI0MTA1REU2QzVDOTAwM0Q2NTI0Mzg5M0NCM0NGREQwMS5j
cmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhyc3luYzovL3Jwa2kucmlw
ZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL0lZekc0a0VGM214Y2tBUFdVa09KUExQ
UDNRRS5jZXIwegYIKwYBBQUHAQsEbjBsMGoGCCsGAQUFBzALhl5yc3luYzovL3Jz
eW5jLnBhYXMucnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5LzcxOGExYjRmLWI2NGMt
NDAyYy1iZTE1LWRkODJhNDFhMWFmNi8wL0FTMzk1MjEucm9hMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEFBggrBgEFBQcBBwEB/wSB9TCB8jCB7wQCAAEwgegD
BABSFSsDBABSFTIDBABSFTUDBABSFToDBABSFUgDBABSFVQDBABSFXADBABSFXQD
BABSFX4DBABSFaUDBABSFo8wDAMEAFIWkQMEAFIWkgMEAFIWnQMEAFIWoAMEAFIW
ogMEAFIWpwMEAFIWugMEAFIWwQMEAFIWwzAMAwQBUheqAwQBUhesAwQAUhe8AwQA
Uhe/AwQAUhhPAwQAUhhYAwQAUhhbAwQAUhhkAwQAUhiSAwQAUhiuAwQAUhi1AwQA
Uhi/AwQAUhjDAwQAUhjJAwQAUhmRAwQAUhmvAwQAUhm+AwQAUhnNMA0GCSqGSIb3
DQEBCwUAA4IBAQCOekrx2zxyF5F4nL3QQsbaFm34ZvTd/Lv5DLq8yCap2uZJInEY
J8KCAa2f0T4rz1XF9TllJmn19hWd8mL7qyu5agzrQh4qqG8C1hj7sXzk6HrcRWpf
FddptOGzhoDQgZVVuiiwK94c7DcHb80tdfZq83xfy31bSWAPq/J9jL/xvcKC7Xxm
bsW2ngkccMXt2a0vXUVe4xVWRmqNdnAjSTCNZ3gBp5QB+ff85TCehehJ9OLswbLg
jnDQLdCzEYUXBa4uKL+qsYr0D/xyzpU3WkfQ+IoyazXguDhheIVFxfS/GVd23SE1
gutA9s2fwBKHDKh3zWvKpA4eVpsRrmJXsRHu
-----END CERTIFICATE-----
Generated at Tue Apr 8 08:24:45 2025 by rpki-client